Home | Devuan | Git | Forum | Packages | Popcon
Donate now!
Download

Devuan bug report logs - #658
policykit-1: CVE-2021-4034

version graph

Package: policykit-1; Maintainer for policykit-1 is Devuan Dev Team <devuan-dev@lists.dyne.org>; Source for policykit-1 is src:policykit-1.

Reported by: Dimitris <dimitris@stinpriza.org>

Date: Wed, 26 Jan 2022 10:26:01 UTC

Severity: critical

Found in version 0.105-31+devuan1

Fixed in versions 0.105-31.1+devuan1, 0.105-25+devuan0~bpo2+2, 0.105-31+devuan2, 0.105-25+devuan9

Done: Mark Hindley <mark@hindley.org.uk>

Full log

Message #15 received at 658-done@bugs.devuan.org (full text, mbox, reply):

Received: (at 658-done) by bugs.devuan.org; 26 Jan 2022 13:09:03 +0000
Return-Path: <mark@hindley.org.uk>
Delivered-To: devuanbugs@dyne.org
Received: from tupac3.dyne.org [195.169.149.119]
	by doc.devuan.org with IMAP (fetchmail-6.4.16)
	for <debbugs@localhost> (single-drop); Wed, 26 Jan 2022 13:09:03 +0000 (UTC)
Received: from mx.hindley.org.uk (193-36-131-86.cfwn.uk [193.36.131.86])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.dyne.org (Postfix) with ESMTPS id 9DC7B6617D5
	for <658-done@bugs.devuan.org>; Wed, 26 Jan 2022 14:07:47 +0100 (CET)
Received: from apollo.hindleynet ([192.168.1.3] helo=hindley.org.uk)
	by mx.hindley.org.uk with smtp (Exim 4.84_2)
	(envelope-from <mark@hindley.org.uk>)
	id 1nCi1Z-0002UQ-2J; Wed, 26 Jan 2022 13:07:45 +0000
Received: (nullmailer pid 19532 invoked by uid 1000);
	Wed, 26 Jan 2022 13:07:44 -0000
Date: Wed, 26 Jan 2022 13:07:44 +0000
From: Mark Hindley <mark@hindley.org.uk>
To: Dimitris <dimitris@stinpriza.org>, 658-done@bugs.devuan.org
Subject: Re: bug#658: policykit-1: CVE-2021-4034
Message-ID: <YfFHoBAYS5u30+hO@hindley.org.uk>
References: <40c391db-619c-579c-c077-3360f12400d3@stinpriza.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <40c391db-619c-579c-c077-3360f12400d3@stinpriza.org>
X-Debbugs-No-Ack: No Thanks
X-Spam-Status: No, score=0.4 required=5.0 tests=RDNS_DYNAMIC,SPF_PASS,
	URIBL_BLOCKED autolearn=disabled version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mail.dyne.org

Version: 0.105-31.1+devuan1

Dimitris,

On Wed, Jan 26, 2022 at 12:24:28PM +0200, Dimitris wrote:
> Package: policykit-1
> Version: 0.105-31+devuan1
> Severity: critical
> Tags: security
> Justification: root security hole
> X-Debbugs-Cc: dimitris@stinpriza.org

Updated binaries are already in unstable, daedalus, chimaera-security and
beowulf-security. Ascii-security is building.

Mark

Send a report that this bug log contains spam.

Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Sat Apr 20 01:56:25 2024;